Forensics Analysics of Mobile Financial Applications used in Myanmar

Lwin, Htar Htar; Aung, Wai Phyo

MERAL Myanmar Education Research and Learning Portal

lat lon distance

[[sub_check.contents]]　

[[sub_radio.contents]]

Field does not validate

[[sub_attr.contents]]　

Index Tree

Item

{"_buckets": {"deposit": "457e7631-2126-4826-a117-14a68c907a84"}, "_deposit": {"id": "4560", "owners": [], "pid": {"revision_id": 0, "type": "recid", "value": "4560"}, "status": "published"}, "_oai": {"id": "oai:meral.edu.mm:recid/4560", "sets": ["user-ucsy"]}, "communities": ["ucsy"], "item_1583103067471": {"attribute_name": "Title", "attribute_value_mlt": [{"subitem_1551255647225": "Forensics Analysics of Mobile Financial Applications used in Myanmar", "subitem_1551255648112": "en"}]}, "item_1583103085720": {"attribute_name": "Description", "attribute_value_mlt": [{"interim": "This paper aims to analyze digital forensics of specificAndroid mobile financial applications such as m-bankingand m-pay applications used in Myanmar. Someapplications may store customer’s credentials on thephone’s internal memory. As sensitive data can berecovered through mobile forensic, sensitive userinformation is at vulnerability. Thus, we investigated onmobile financial applications to become aware of howtons touchy statistics may be recovered. Androidapplication usually stores data in/data/data/package_name, thus analysis focuses primarilythere. The selected Android applications are three mobilebanking applications and five mobile money applicationswhich are popular in Myanmar. We used popular opensource forensics tools for data extraction and analysis.After analysis, finding indicates that some applications donot store data on user’s device. Some applications storeencrypted user credentials on device. Some applicationsnot only store user information on device but also uploadsignature and photo of customer in cleartext."}]}, "item_1583103108160": {"attribute_name": "Keywords", "attribute_value_mlt": [{"interim": "Forensics"}, {"interim": "Android mobile financial applications"}, {"interim": "sensitive data"}, {"interim": "data extraction and data analysis"}]}, "item_1583103120197": {"attribute_name": "Files", "attribute_type": "file", "attribute_value_mlt": [{"accessrole": "open_access", "date": [{"dateType": "Available", "dateValue": "2020-01-31"}], "displaytype": "preview", "download_preview_message": "", "file_order": 0, "filename": "URCSE-055.pdf", "filesize": [{"value": "374 Kb"}], "format": "application/pdf", "future_date_message": "", "is_thumbnail": false, "licensetype": "license_free", "mimetype": "application/pdf", "size": 374000.0, "url": {"url": "https://meral.edu.mm/record/4560/files/URCSE-055.pdf"}, "version_id": "c4e75ce4-69c2-4e27-9da5-66f8e9e74340"}]}, "item_1583103131163": {"attribute_name": "Journal articles", "attribute_value_mlt": [{"subitem_issue": "", "subitem_journal_title": "Proceedings of the First University Research Conference on Science and Engineering", "subitem_pages": "", "subitem_volume": ""}]}, "item_1583103147082": {"attribute_name": "Conference papers", "attribute_value_mlt": [{"subitem_acronym": "", "subitem_c_date": "", "subitem_conference_title": "", "subitem_part": "", "subitem_place": "", "subitem_session": "", "subitem_website": ""}]}, "item_1583103211336": {"attribute_name": "Books/reports/chapters", "attribute_value_mlt": [{"subitem_book_title": "", "subitem_isbn": "", "subitem_pages": "", "subitem_place": "", "subitem_publisher": ""}]}, "item_1583103233624": {"attribute_name": "Thesis/dissertations", "attribute_value_mlt": [{"subitem_awarding_university": "", "subitem_supervisor(s)": [{"subitem_supervisor": ""}]}]}, "item_1583105942107": {"attribute_name": "Authors", "attribute_value_mlt": [{"subitem_authors": [{"subitem_authors_fullname": "Lwin, Htar Htar"}, {"subitem_authors_fullname": "Aung, Wai Phyo"}]}]}, "item_1583108359239": {"attribute_name": "Upload type", "attribute_value_mlt": [{"interim": "Publication"}]}, "item_1583108428133": {"attribute_name": "Publication type", "attribute_value_mlt": [{"interim": "Article"}]}, "item_1583159729339": {"attribute_name": "Publication date", "attribute_value": "2020-01-23"}, "item_1583159847033": {"attribute_name": "Identifier", "attribute_value": "978-99971 -0-826-5"}, "item_title": "Forensics Analysics of Mobile Financial Applications used in Myanmar", "item_type_id": "21", "owner": "1", "path": ["1597824203644"], "permalink_uri": "http://hdl.handle.net/20.500.12678/0000004560", "pubdate": {"attribute_name": "Deposited date", "attribute_value": "2020-01-31"}, "publish_date": "2020-01-31", "publish_status": "0", "recid": "4560", "relation": {}, "relation_version_is_last": true, "title": ["Forensics Analysics of Mobile Financial Applications used in Myanmar"], "weko_shared_id": -1}

Forensics Analysics of Mobile Financial Applications used in Myanmar

http://hdl.handle.net/20.500.12678/0000004560

Preview

Name / File	License	Actions
URCSE-055.pdf (374 Kb)

Publication type
		Article
Upload type
		Publication
Title
	Title	Forensics Analysics of Mobile Financial Applications used in Myanmar
	Language	en
Publication date		2020-01-23
Authors
		Lwin, Htar Htar
		Aung, Wai Phyo
Description
		This paper aims to analyze digital forensics of specificAndroid mobile financial applications such as m-bankingand m-pay applications used in Myanmar. Someapplications may store customer’s credentials on thephone’s internal memory. As sensitive data can berecovered through mobile forensic, sensitive userinformation is at vulnerability. Thus, we investigated onmobile financial applications to become aware of howtons touchy statistics may be recovered. Androidapplication usually stores data in/data/data/package_name, thus analysis focuses primarilythere. The selected Android applications are three mobilebanking applications and five mobile money applicationswhich are popular in Myanmar. We used popular opensource forensics tools for data extraction and analysis.After analysis, finding indicates that some applications donot store data on user’s device. Some applications storeencrypted user credentials on device. Some applicationsnot only store user information on device but also uploadsignature and photo of customer in cleartext.
Keywords
		Forensics, Android mobile financial applications, sensitive data, data extraction and data analysis
Identifier		978-99971 -0-826-5
Journal articles
		Proceedings of the First University Research Conference on Science and Engineering
Conference papers
Books/reports/chapters
Thesis/dissertations